diff options
author | Summer Qin <summer.qin@arm.com> | 2018-03-12 11:28:26 +0800 |
---|---|---|
committer | Summer Qin <summer.qin@arm.com> | 2018-04-10 14:30:03 +0800 |
commit | 23411d2c4adcec412befb4ffbbfbf81c743a59c6 (patch) | |
tree | c34ad4ba9d98788645c9dd1b0675c20c61eb4009 /plat/arm/common/arm_tzc400.c | |
parent | f11916bf1dfecd7ee76240eebd847681ce366a67 (diff) | |
download | trusted-firmware-a-23411d2c4adcec412befb4ffbbfbf81c743a59c6.tar.gz |
plat/arm: Allow override of default TZC regions
This patch allows the ARM Platforms to specify the TZC regions to be
specified to the ARM TZC helpers in arm_tzc400.c and arm_tzc_dmc500.c.
If the regions are not specified then the default TZC region will be
configured by these helpers.
This override mechanism allows specifying special regions for TZMP1
usecase.
Signed-off-by: Summer Qin <summer.qin@arm.com>
Diffstat (limited to 'plat/arm/common/arm_tzc400.c')
-rw-r--r-- | plat/arm/common/arm_tzc400.c | 62 |
1 files changed, 23 insertions, 39 deletions
diff --git a/plat/arm/common/arm_tzc400.c b/plat/arm/common/arm_tzc400.c index 6b706be92c..a32736c3aa 100644 --- a/plat/arm/common/arm_tzc400.c +++ b/plat/arm/common/arm_tzc400.c @@ -18,16 +18,20 @@ /******************************************************************************* * Initialize the TrustZone Controller for ARM standard platforms. - * Configure: - * - Region 0 with no access; - * - Region 1 with secure access only; - * - the remaining DRAM regions access from the given Non-Secure masters. - * * When booting an EL3 payload, this is simplified: we configure region 0 with * secure access only and do not enable any other region. ******************************************************************************/ -void arm_tzc400_setup(void) +void arm_tzc400_setup(const arm_tzc_regions_info_t *tzc_regions) { +#ifndef EL3_PAYLOAD_BASE + int region_index = 1; + const arm_tzc_regions_info_t *p; + const arm_tzc_regions_info_t init_tzc_regions[] = { + ARM_TZC_REGIONS_DEF, + {0} + }; +#endif + INFO("Configuring TrustZone Controller\n"); tzc400_init(PLAT_ARM_TZC_BASE); @@ -36,42 +40,22 @@ void arm_tzc400_setup(void) tzc400_disable_filters(); #ifndef EL3_PAYLOAD_BASE + if (tzc_regions == NULL) + p = init_tzc_regions; + else + p = tzc_regions; /* Region 0 set to no access by default */ tzc400_configure_region0(TZC_REGION_S_NONE, 0); - /* Region 1 set to cover Secure part of DRAM */ - tzc400_configure_region(PLAT_ARM_TZC_FILTERS, 1, - ARM_AP_TZC_DRAM1_BASE, ARM_EL3_TZC_DRAM1_END, - TZC_REGION_S_RDWR, - 0); - - /* Region 2 set to cover Non-Secure access to 1st DRAM address range. - * Apply the same configuration to given filters in the TZC. */ - tzc400_configure_region(PLAT_ARM_TZC_FILTERS, 2, - ARM_NS_DRAM1_BASE, ARM_NS_DRAM1_END, - ARM_TZC_NS_DRAM_S_ACCESS, - PLAT_ARM_TZC_NS_DEV_ACCESS); - - /* Region 3 set to cover Non-Secure access to 2nd DRAM address range */ - tzc400_configure_region(PLAT_ARM_TZC_FILTERS, 3, - ARM_DRAM2_BASE, ARM_DRAM2_END, - ARM_TZC_NS_DRAM_S_ACCESS, - PLAT_ARM_TZC_NS_DEV_ACCESS); - -#if ENABLE_SPM - /* - * Region 4 set to cover Non-Secure access to the communication buffer - * shared with the Secure world. - */ - tzc400_configure_region(PLAT_ARM_TZC_FILTERS, - 4, - ARM_SP_IMAGE_NS_BUF_BASE, - (ARM_SP_IMAGE_NS_BUF_BASE + - ARM_SP_IMAGE_NS_BUF_SIZE) - 1, - TZC_REGION_S_NONE, - PLAT_ARM_TZC_NS_DEV_ACCESS); -#endif + /* Rest Regions set according to tzc_regions array */ + for (; p->base != 0ULL; p++) { + tzc400_configure_region(PLAT_ARM_TZC_FILTERS, region_index, + p->base, p->end, p->sec_attr, p->nsaid_permissions); + region_index++; + } + + INFO("Total %d regions set.\n", region_index); #else /* if defined(EL3_PAYLOAD_BASE) */ @@ -92,5 +76,5 @@ void arm_tzc400_setup(void) void plat_arm_security_setup(void) { - arm_tzc400_setup(); + arm_tzc400_setup(NULL); } |